How do we protect your privacy?

The Controller of all personal data is the company esoul s.r.o., established in Doležalova 3417/7, 821 04 Bratislava, Registration number: 51717131. The processing of all personal data by the controller is in accordance with the legislation of the Slovak Republic and the legislation of the European Union.

The legislation of the Slovak Republic enables to process personal data even without the consent of the data subject. Your data are being processed even without your consent if they’re inevitable for the performance of our activity. Such processing of personal data is subject to legislation concerning our activity. Otherwise we process your personal data only on the basis of your consent.

What data do we collect?

Data acquired during the use of our services

During the use of our services and websites we also acquire data related to your interactions with our services, the manner and time when you visit our web pages, what device you use, your IP address, browser settings and information from cookies. After the acquisition, all data is rendered anonymous and can’t be re-assigned to a particular person. More information on the terms of their use can be found in the Cookies section.

Data acquired during survey registration

For the purposes of market research and user experience testing during the usage of esoul’s web software, we store this data about you: first name, e-mail, sex, age or the message or information you’ve sent us or informed us about. We use the data for contact purposes in order to be able to evaluate whether you correspond to the testing target group within the survey.

Data acquired during newsletter subscription

If you’ve given us your consent, we also send commercial information about news and current offers which could interest you to your email.

Who do we give access to data?

Some of our suppliers who process your data for us, based on our instructions and in accordance with this document, have access to your personal data. While doing so, they respect all necessary security, technical and organisational measures in order to provide your data with required protection.

  1. Google Ireland Limited - Gordon House, Barrow Street, Dublin 4, Ireland
  2. Hotjar Limited - Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta
  3. Three Hearts Digital Ltd (trading as EmailOctopus) - Unit 6, 14a Andre Street, London, E8 2AA, United Kingdom
  4. Amazon Web Services - EMEA SARL, 5 rue Plaetis, L-2338 Luxembourg, Luxembourg
  5. Facebook Pixel - Facebook Ireland Ltd. 4 Grand Canal Square, Grand Canal Harbour Dublin 2, Ireland

Data transfer to third countries

We don’t transfer your personal data to third countries outside the European Union. Some of our partners, with whom we cooperate, may perform such transfers to the USA. Persons who had access to personal data in the USA respect the terms of the US-EU Privacy Shield. We’ll be happy to provide more information if you send us an email to info@esoul.systems.

Data subject’s rights

If you’ve provided us with your personal data, you’re authorised to, among others, exercise in particular these rights:

The right of access to data subject’s processed personal data by the Controller and thus the right to obtain confirmation whether the Controller processes data subject’s personal data or not.

The right to have personal data concerning him or her rectified in order to have the Controller rectify personal data when requested by the data subject or complete this personal data.

Right to request erasure of personal data which are processed by the Controller. The data subject won’t have the right to erasure of personal data provided their processing is necessary for the execution of legal claims, fulfilment of obligations prescribed by the law and if it’s on the grounds of public interest.

The right to data portability which means the acquisition of personal data which the data subject provided to the Controller, while they’ve the right to transmit these data to another controller in a commonly used, machine-readable format provided the personal data were acquired on the basis of the consent of the data subject or on the basis of a contract and their processing is carried out by automated means.